Staff Cloud Security Engineer
Reston, Virginia, United States
Applications have closed
Qualtrics
Know what your customers and employees need, when they need it, and deliver it every time with powerful, AI-driven Experience Management (XM) software.
Company Description
At Qualtrics, our mission is to close experience gaps—the costly differences between what customers and employees expect, and what they’re receiving. 13,000+ organizations worldwide and more than 80% of the Fortune 100 rely on the Qualtrics Experience Management Platform™ to collect, analyze, and act on feedback—more feedback than they ever thought possible. With Qualtrics XM, organizations can manage the four core experiences of business—customer, employee, product, and brand experience. Organizations can be at every meaningful touchpoint, for every experience, and predict what will resonate most with customers and employees.
The Challenge
As Qualtrics continues to expand the Experience Management (XM) SaaS platform, we must ensure that we’re protecting our customers and their data by building and operating secure systems. With over twelve hundred software & system engineers contributing to Qualtrics XM every day, we have a large attack surface to evaluate and secure. This role is critical to our mission.
Qualtrics is seeking an experienced security engineer/architect with a passion for security and demonstrated expertise in cloud and infrastructure security. The selected candidate will provide technical leadership and subject matter expertise within the Infrastructure Security team and across the product engineering organization.
The Infrastructure Security team is responsible for measures to improve and ensure the security of infrastructure used to operate and deliver Qualtrics SaaS products. The team’s scope includes cloud (IaaS/PaaS), workload orchestration (Kubernetes, Nomad), containers, data stores and server OS, as well as CI/CD and related systems. Infrastructure Security works in collaboration with other teams within the Information Security organization, including application security, vulnerability management, network security, security operations and incident response, and security assurance. The team also partners with our infrastructure (i.e., SRE) and platform engineering and developer experience teams.
A Day in the Life
- Review system designs and implementations, and consult with engineers across the organization to identify and/or avoid security issues through alignment with security standards and best practices; document and ensure security issues are appropriately remediated
- Leverage your accumulated subject matter expertise of Qualtrics systems and infrastructure to propose design patterns and drive architectural improvements which address classes of security flaws in the platform
- Develop and implement the cloud & infrastructure security architecture and contribute to program strategy and roadmap plans
- Document and improve cloud/infrastructure standards and guidelines
- Promote DevSecOps principles and implement Infrastructure as Code (IaC) scanning and policy enforcement to ensure new systems deployed via Terraform, AWS CloudFormation, Code Development Kit or similar methods are secure and compliant with standards and guidelines
- Deliver training and provide mentoring to engineers and staff on security topics
- Participate in or lead internal purple and red team exercises to proactively evaluate Qualtrics environments for security flaws; perform manual
- Perform the selection, design, development, implementation and management of automated security testing tools (e.g., cloud security posture management (CSPM), network/host/image vulnerability scanners); maintain relationships with product vendors
The Expectation for Success
You will define and drive improvements to the cloud and infrastructure security program; mentor other security engineers; and provide expert guidance and work effectively with the Qualtrics engineering organization and fellow security team members to protect our customers and their data by building and operating secure systems. A qualified candidate may also be asked to manage other security engineers and direct the work performed by the Infrastructure Security team.
Skills That Will Lead to Success
- Bachelor’s degree in Computer Science or a related field
- Over 10 years of relevant work experience
- Experience as a senior/staff/lead security engineer in cloud, infrastructure, product or network security
- Multiple years of experience managing and securing AWS services and workloads
- Experience leading multi-month security projects and initiatives that require collaboration with teams across an organization
- Sound understanding of cloud security vulnerabilities, defense techniques and security best practices, including AWS-specific security practices and present-day threats
- Strong working knowledge of AWS services and security concepts including Service Control Policies (SCPs), Identity and Access Management (IAM), VPCs, ELBs, CloudTrail, and security groups
- Experience with modern cloud infrastructure, including EC2, Linux-based operating systems, Docker containers, workload orchestration (Kubernetes, Nomad), data stores (relational DBs, NoSQL and document DBs (Elasticsearch), object stores (S3)), event streaming (Kafka)
- Knowledge of system and infrastructure hardening and monitoring best practices
Preferred Qualifications
- Experience with securing the infrastructure of large, complex SaaS applications
- One or more relevant security certifications (AWS Certified Security - Specialty, CCSP, CCSK, GCSA, AWS Certified Solutions Architect or DevOps Engineer)
- Prior full time SRE, cloud engineering or software development experience
- Team lead, tech lead or management experience
- Experience managing vulnerability scanning tools and/or CSPM